<?php
/*
* Authors: Matthew Wakim
*
* File: wallsHistory.php
*
* Purpose: To display the history of all walls that were given estimates
* 
* 
*
*
*/
require_once "header.php";

// Access gate: stop rendering unless the session carries a 'user' entry.
// NOTE(review): presumably header.php starts the session; confirm.
if (isset($_SESSION['user']) === false) {
	exit("<br /><br /><center>You must be logged in to view this page.</center>");
}

// Session user identifier, kept for the rest of the page.
$user = $_SESSION['user'];

require_once 'login.php';
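// Open the database link using the settings supplied by login.php.
// NOTE(review): the mysql_* extension was deprecated in PHP 5.5 and removed in
// PHP 7.0. Moving this page to mysqli or PDO with prepared statements would
// replace the manual escaping used below; that is a file-wide change.
$db_server = mysql_connect($dbhost, $dbuser, $dbpass);
if (!$db_server) {
	// Driver errors can reveal host and account names: log them, and show the
	// visitor a generic message only.
	error_log("Unable to connect to MySQL: " . mysql_error());
	die("Unable to connect to the database.");
}

if (!mysql_select_db($dbname, $db_server)) {
	error_log("Unable to select database: " . mysql_error($db_server));
	die("Unable to connect to the database.");
}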

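// Handle the two POST actions this page accepts: deleting a record and adding one.
// NOTE(review): neither action verifies an anti-CSRF token, so another site can
// submit these forms on behalf of a logged-in user. A per-session token has to
// be added to both forms and checked here in the same change.
// NOTE(review): any logged-in user can delete any donorID; confirm that is the
// intended authorization model.
if (isset($_POST['delete']) && isset($_POST['donorID'])) {
	// The DELETE RECORD form posts only `delete` and `donorID`, so this branch
	// must not depend on the add-record fields being present.
	$donorID = $_POST['donorID'];

	// donorID goes into the statement without quotes, a position where
	// mysql_real_escape_string() gives no protection. Accept decimal digits only.
	if (is_string($donorID) && ctype_digit($donorID)) {
		$query = "DELETE FROM individual WHERE donorID=$donorID";
		if (!mysql_query($query, $db_server)) {
			// Keep the statement and the driver error out of the response.
			error_log("DELETE failed: " . mysql_error($db_server));
			echo "DELETE failed.<br /><br />";
		}
	} else {
		echo "DELETE failed: invalid donor ID.<br /><br />";
	}
} elseif (isset(
	$_POST['firstName'],
	$_POST['lastName'],
	$_POST['street'],
	$_POST['city'],
	$_POST['state'],
	$_POST['zip'],
	$_POST['phone'],
	$_POST['fax'],
	$_POST['email']
)) {
	// get_post() escapes each value for use inside a quoted SQL string literal.
	$firstName = get_post('firstName');
	$lastName  = get_post('lastName');
	$street    = get_post('street');
	$city      = get_post('city');
	$state     = get_post('state');
	$zip       = get_post('zip');
	$phone     = get_post('phone');
	$fax       = get_post('fax');
	$email     = get_post('email');

	$query = "INSERT INTO individual VALUES"."('$firstName', '$lastName')";
	// NOTE(review): $query2 is built but never executed, so the address and
	// contact fields are discarded. Confirm whether the donor row should be
	// inserted as well (and in which order relative to `individual`).
	$query2 = "INSERT INTO donor VALUES" . "('$street', '$city', '$state', '$zip', '$phone', '$fax', '$email')";

	if (!mysql_query($query, $db_server)) {
		// The statement holds donor-supplied text: echoing it back would both
		// leak schema details and reflect unencoded input into the page.
		error_log("INSERT failed: " . mysql_error($db_server));
		echo "INSERT failed.<br /><br />";
	}
}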
// Add-record form: posts the nine text fields that the POST handler earlier in
// this file requires before it runs the INSERT.
// NOTE(review): the form carries no anti-CSRF token field.
// NOTE(review): the action targets donerinfotest.php, while the file header
// names this script wallsHistory.php; confirm which script receives the POST.
echo <<<_END
<form action="donerinfotest.php" method="post"><pre>
				Walls Record History
				
     First Name: <input type="text" name="firstName" />
     Last Name: <input type="text" name="lastName" />
      Street: <input type="text" name="street" />
 City: <input type="text" name="city" />
   State: <input type="text" name="state" />
 Zip Code: <input type="text" name="zip" />
  Phone Number: <input type="text" name="phone" />
  Fax: <input type="text" name="fax" />
  Email: <input type="text" name="email" />
	 	   <input type="submit" value="ADD RECORD" />
		  
</pre> </form>
_END;
	
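// List every row of `donor`, each followed by a DELETE RECORD button.
// NOTE(review): columns are read by position from SELECT *; the labels below
// assume columns 0-2 are donor ID, first name and last name, which does not
// obviously match the donor INSERT built earlier in this file. Confirm the schema.
$query = "SELECT * FROM donor";
$result = mysql_query($query, $db_server);

// The original tested the bare word `result` (missing `$`), so a failed query
// was never caught here.
if (!$result) {
	error_log("Database access failed: " . mysql_error($db_server));
	die("Database access failed.");
}

while ($row = mysql_fetch_row($result)) {
	// Stored values originate from form input; HTML-encode them before they are
	// placed in element text and in the hidden field's attribute value.
	// NOTE(review): no charset is passed, so PHP's default applies; set it
	// explicitly once the page encoding is confirmed.
	$donorID   = htmlspecialchars((string) $row[0], ENT_QUOTES);
	$firstName = htmlspecialchars((string) $row[1], ENT_QUOTES);
	$lastName  = htmlspecialchars((string) $row[2], ENT_QUOTES);

echo <<<_END
	<pre>
	    Donor ID: $donorID
	    First Name: $firstName
	     Last Name: $lastName
	</pre>
	<form action="donerinfotest.php" method="post">
	<input type="hidden" name="delete" value="yes" />
	<input type="hidden" name="donorID" value="$donorID" />
	<input type="submit" value="DELETE RECORD" /> </form>
_END;
}

mysql_close($db_server);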

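/**
 * Returns a POST field escaped for use inside a quoted SQL string literal.
 *
 * The escaping is only effective when the returned value is placed between
 * quotes in the statement ('...'). It does not make a value safe in an
 * unquoted position such as a numeric comparison; validate or cast those
 * values to an integer instead. It also does no HTML encoding.
 *
 * @param string $var Name of the POST field to read.
 * @return string The escaped value, or '' when the field is missing or is not
 *                a string (for example when it was submitted as an array).
 */
function get_post($var)
{
	// A field sent as `name[]=...` arrives as an array; escaping it would emit
	// a warning and yield a non-string result.
	if (!isset($_POST[$var]) || !is_string($_POST[$var])) {
		return '';
	}

	// Uses the most recently opened mysql link for the connection charset.
	return mysql_real_escape_string($_POST[$var]);
}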


?>